The ground has shifted under most enterprise IT security staff. Breaches are now capturing prime-time air across mainstream media outlets. As the world becomes more connected, it is no longer enough for enterprises to react once an alert indicates an attacker is inside the network. Instead, with continuous packet capture and threat feeds followed by analysis, it is now possible to hunt the attackers and locate them versus waiting for an alert. Breaches may be viewed as a security problem, but it’s they’re a bigger issue. This is a business problem; similar to lost customers, inventory, or market share, but it just happens to be through technology.
Experienced security leaders and executives have already recognized this challenge and are working towards assembling the perfect blend of people, process, and technology. What is it that they are forming? Internal teams directed to stop waiting for alerts to indicate there’s a problem and to go hunt for the attacker.